Version without proprietary modules

[fkohrt]

Is your feature request related to a problem? Please describe.

At a German national competition we have decided to use SEB for BYOD assessments because it is not a proprietary solution that we ask our students to install. Now we saw in the roadmap that it is planned to integrate binary blobs, making SEB in part proprietary.

Describe the solution you'd like

A version without any proprietary, code-obfuscated binary blobs.

Describe alternatives you've considered

None, we wouldn't be able to use SEB anymore.

Additional context

BYOD scenarios and proctoring software are a sensitive issue for us as we need to justify our technological requirements to students and parents.

[danschlet]

For the Windows and Mac versions of SEB we have not yet decided about details of increasing the security of SEB for BYOD exams. We will consider your feature request. We nevertheless are getting many contrary requests, which suspect that SEB is too easy to manipulate because the full code is open source, especially in BYOD environments where the integrity of the used SEB version cannot be verified.

What is already clear, that any solution would allow to build SEB versions without the binary security module and maintain its functionality (just missing some of the increased security functions which would require the module).

We might also consider a similar solution that Mozilla uses for the DRM module in Firefox.

[dbuechel]

@fkohrt With respect to the integration of the proprietary module: Would it be acceptable for you if the module can be deactivated via a flag in the configuration? Or what kind of mechanism would you expect in order to be able to continue using SEB?

[fkohrt]

When I opened the issue I primarily thought about what gets installed: Installing the proprietary module could be an optional part of the SEB installation routine. As @danschlet described I can also imagine a mechanism that downloads the proprietary module on demand. An exam could then require the proprietary module to be present or not.

[danschlet]

I actually didn't describe a mechanism which would download the proprietary module on demand. This would not comply with our policy that SEB never connects to any centralized server.

A better approach for us would be if the standard download of SEB contains the module, which can be a) disabled by settings as @dbuechel mentioned or b) can be omitted from/removed from the SEB installation, for example by using a command line option for the installer bundle.

Organizations which are unhappy with such a solution can still build their own SEB version not containing the module at all.

To be blunt: We cannot create a solution which will significantly complicate our SEB build and release process or which confuses the 99% of users which are not concerned about proprietary code in SEB and would create massive additional support efforts.

[fkohrt]

I actually didn't describe a mechanism which would download the proprietary module on demand.

@danschlet I thought this is how the DRM module in Firefox works: by downloading the required blobs on demand if people choose to watch DRM protected videos the first time. Sorry for the confusion.

Anyways, b) sounds like a great option to me and is sufficient for the use case described in the issue.